restrict service desk agent access to other project issues

Ok, so currently we have a general user assigned to each project's Service desk. For example "Project A" would have ServiceDeskAgentA. and "Project B" would have "ServiceDeskAgentB" both agents are a part of service-desk-agents groups as a result of being agents, which as far as I know is necessary, since literature suggests that JIRA apparently uses this group for licensing. Is there a way to restrict ServiceDeskAgentA from being able to see issues in "Project B"?

I was able to limit service-desk agents from having visibility/access across service desks w/out having to modify issue security schemes. I simply created agent groups for each service desk, then set the members of the Service Desk Team role in each service desk to the appropriate agent group. Using your example Carlo, I accomplished this by...

Making sure each agent is a member of the service-desk-agents group (for license reasons).

Creating a projectA-agents group and projectB-agents group

Defining the membership of the Service Desk Team role for Project A to be the members of the group projectA-agents

Defining the membership of the Service Desk Team role for Project B to be the members of the group projectB-agents

That's it. By defining the members of the Service Desk Team role for each project using project-specific agent groups, agents who are members of projectA-agents group can't see/access Project B, and vice versa. I did not have to mess w/ the security scheme or permissions. The permissions out of the box work fine.

Hi @Juan Peraza
This is indeed how we currently have it set up, however while agents cannot see a Service Desk Portal/Board of another project, it can still see the underlying JIRA issues, eg AgentB can see Project A (PRGA-123) even though he is not part of the Service desk team on that project. Perhaps I'm missing something.
Kind Regs,
CAM

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Hmm? I wonder if I did have to modify my permission scheme and I forgot that I did. I don't think I did. Take a look at the permission scheme for your Project A. Are the project and issue permissions defined such that only members of certain project roles have privileges? All of my project and issue permissions only allow members of certain project roles to have privileges. I don't remember setting these permissions manually. I think the permissions for Service Desk projects use an out-of-the-box permissions scheme suited for service desk projects. Almost all of my project and issue permissions only allow these project roles to have privileges - Administrators, Service Desk Team, Service Desk Customer - Portal Access. What does the permission scheme for your Project A look like?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...